Hacker puts almost 10 million healthcare records up for sale on dark web

There has been another reported incident of a hacker selling stolen personal information on the dark web. This time, a cybercriminal is offering almost 10 million patient records for around $820,000.

The seller, who calls himself “thedarkoverlord,” started listing the data on dark web black market TheRealDeal over the weekend. There are four databases on offer, which include patient details such as names, addresses, dates of birth, social security numbers, and health insurance information.

The largest batch, containing over 9.2 million patient records stolen from a US health insurance provider, is on sale for 750 bitcoins, which is around half a million dollars.

The other databases allegedly originate from three different, unnamed healthcare organizations: one in Farmington, Missouri, with 48,000 records for 60 bitcoins; another in Atlanta, Georgia, with 397,000 for 300 bitcoins; and a third in the Central/Midwest US with 210,000 entries for 170 bitcoins.

Thedarkoverlord claims to have already sold $100,000 worth of records from the Georgia database. “Someone wanted to buy all the Blue Cross Blue Shield Insurance records specifically,” the hacker said.

Motherboard was provided with a sample of records from the Georgia database. The vast majority of phone numbers connected to the correct person, and one individual confirmed that their details were correct. Many of those contacted declined to be interviewed.

The hacker said he stole the data using a zero-day vulnerability in the Remote Desktop Protocol (RDP), which allows users to control computers from afar. "This product is an extremely large database in plaintext from a large insurance healthcare organization in the United States," the hacker wrote. "It was retrieved using a 0day within the RDP protocol that gave direct access to this sensitive information."

Hospitals and other healthcare providers are becoming an increasingly popular target for hackers. Several hospitals have been hit with ransomware attacks this year, and the nation’s second-largest health insurance provider – Anthem – said as many as 80 million personal records may have been compromised during a 2015 security breach.